Memory storage has vastly improved since the 1980s. A common jump drive can hold .25, .50, or even a whole terabyte of data, and you can carry it around on a key ring. Compare that to the floppy disks that some of us remember from the early days of personal computers. Did you know that a floppy disk could store 1.44 megabytes or .00000144 terabytes?
Another way to look at it is that a one-terabyte thumb drive, which will set you back a few hundred dollars, has a storage capacity of about 714,000 floppy disks at about $3 or $4 apiece. So, not only are memory devices much more powerful these days, they’re way cheaper. But are USB drives potential accent points for malware? Can an infected drive spread viruses to your computer? Yes, and this article will show you how to avoid this common cyberattack. Read on to learn more about preventing your system from infected USB drives.
What Exactly are USB Drives, and How Do They Work?
USB stands for “universal serial bus,” the most common computer port type. USB-A is the port that you see on most Windows computers, but newer Macs now have ports for USB-C connectors — much to the dismay of Mac users who may have to buy a dongle to connect their USB-A drives to their computers. USBs are primarily external drives that store data.
They can hold files with information and programs that trigger as soon as they connect. For this reason, they are a favorite attack tool for cybercriminals who can load malware on seemingly innocuous devices and either pass them to an unsuspecting user or insert the drive themselves.
How can USBs Cause a Security Threat?
There are many different methods that hackers use to infiltrate systems. Sometimes, they work from a remote location using brute force or phishing attacks. In other cases, they use an unsuspecting employee to give them access with a tool, like a USB drive. Or they work for the company and use the USB to steal files or insert malware.
A USB rubber ducky can be used as an attack tool. When a rubber ducky is connected to a port, it starts using keystroking software to type commands to the computer system. This could be used to load files or sensitive information directly to the USB or to deliver information via the internet. It could also leave malware on the system to allow for continued access or to wreak havoc. The uses for a cybercriminal are only limited by their coding ability (or ability to obtain hacking programs).
How to Use Caution with USB Drives?
Naturally, the outward physical appearance of a USB drive will provide no warning about what’s contained in it. It might be nice if physical hardware contained a warning label about what’s contained inside, but that’s counter to the mission of the cybercriminal. The U.S. Cybersecurity & Infrastructure Security Agency has issued some tips to counter this very real threat. They recommend the following:
Never Use a USB Drive from an Unknown Source – This really goes for any software from an unknown source, including downloads from the internet. If you find a USB drive on the ground or in the breakroom at work, give it to your IT department. Do not try to access it via your computer.
Protect Your USB Drive with Passwords and Encryption – Your device can end up contracting malware, but having a password on it prevents someone from accessing it without your knowledge.
Don’t Mix Business Computers and USB Devices with Personal Ones – Don’t use your personal USB device on a work computer or vice versa. This way, if malware is detected, you can contain the damage.
Disable the Autorun Feature – Autorun allows a USB drive to connect automatically, which means that malicious software can also start to run automatically.
Update All Software – As always, you want to ensure that any installed software and your operating system is up-to-date. Updates often contain patches for the newest security exploits. By updating your software, you can prevent attacks that would otherwise be successful.
Use Antivirus Software – Malware protection will scan your computer regularly to ensure that your unit and system are free from viruses.
How to Ensure Your USB Drive is Free From Viruses
You may have created effective protocols to prevent your computer from contracting malware, but it still becomes infected. There is no absolute defense for malware, and as long as human beings remain the weakest link in the security chain, a malware infection will likely occur. If you have an IT security plan in place, you can minimize the damage.
If you have an IT security department or a managed security service provider (MSSP), they should have a protocol for all system security breaches. In most instances, the first step is to isolate the infected systems from each other and from outside access. This means disconnecting them from the internet. You should also disable remote access to your network. Change all passwords and have your employees reset their passwords. Update all software when you have your system back online. For more detailed instructions, contact a cybersecurity professional.
Common USB Drive Attacks
While the possibilities are endless, some attacks are more common than others. Here are three of the better-known cyber attacks:
1. Malicious Code Attacks
The user tries to gain access a file in the USB driver. When they click on it, the drive releases malware into the system.
2. Social Engineering Attacks
“Social engineering” is a catchall term in cybersecurity that refers to manipulating human behaviors. A USB attack might exploit the tendency of the user to click on attractive sites. The user is directed to a phishing site where they are asked for their login credentials, providing them to the attacker.
3. Human Interface Device (HID)
The USB injects keystroking software that tricks the system into believing that a human being is accessing it. This will often provide the attacker with remote access.
Frequently Asked Questions About USB Drives and Security
USB drives are a useful tool but can also represent a substantial threat to your individual computer or a networked device. Here are some of the most frequently asked questions that the IT security professionals at Flagler Tech hear from our clients.
What Causes Someone to Use an Unknown USB Drive?
People are naturally curious, and when they find an unattended USB drive, there’s often an overwhelming urge to plug it in and see what’s on there. Oftentimes, they’re just trying to identify the owner to return the unit. Hackers, of course, are aware of this and will often drop a drive where it’s likely to be found.
How Do I Wipe a USB Drive?
Cleaning an unknown USB drive without connecting it to a computer is not really possible. For example, flash drives don’t contain magnetic material, so trying to wipe them with an electronic magnet — something that would work on a floppy disk — will not wipe the files and potential spyware or malware from the USB drive. If you find a USB drive, you should assume that it will damage your computer and turn it into the IT department. You can also put out a company-wide email to see if anyone is looking for it.
Why Isn’t it a Good Idea to Use a USB to Transfer Info Between Home and Work?
Chances are good that you don’t have a team of IT security professionals for your home computer. Therefore, the chance of your home computer contracting malware is much greater. Certain types of malware attach themselves to any device they’re connected to, like a biological virus spreading from one host to another.
That means that you can inadvertently load a virus onto your flash drive and transfer it to your work system when you plug it in there. It’s never a good idea to share files or information from your home system to your work system, but USBs present a particularly dangerous threat.
How Do You Protect Your Computers from Infected USB Drives?
The safest way to prevent a USB drive attack on your system is to not use them at all, but that isn’t practical. Here are a few rules that will decrease this form of attack:
Do not plug work USBs into outside devices.
Do not plug personal USBs into work devices.
Never plug an unknown USB into any device.
Use a password and encryption to protect your device.
Turn off the autorun feature on your devices.
Update all software and keep it updated.
Run antivirus software regularly.
Managed Security Service Providers
Flagler Tech is a managed security service provider that stops cyberattacks on companies. Most business IT departments can’t remain current with the cybersecurity threats that pop up every week. To bolster your security, contact Flagler Tech, an MSSP that can begin working on an effective cybersecurity plan for your company immediately.